To get a trial key
fill out the form below
Team License (a basic version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

Free PVS-Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
>
Bugs Found by LibreOffice in PVS-Studio

Bugs Found by LibreOffice in PVS-Studio

Feb 24 2015

Usually we check various projects by PVS-Studio. This time, it's been vice versa: We have checked PVS-Studio by LibreOffice :-). And then managed to do the opposite check as well.

0307_PVS-StudioIssuesInLibreOffice/image1.png

Introduction

Our articles about project checks evoke different reactions from the readers: from "Aren't you bored advertising your tool already?" to "Thank you very much! PVS-Studio is really a great tool!" For justice's sake, I would like to notice that no advertising managers ever take part in the project check, it's only the PVS-Studio developers and translator who do the job. So our contribution to the open-source community is real and really sensible. Developers do not always show interest in maintaining the feedback but they do fix the bugs we report to them in emails. By the example of the LibreOffice project's check, the article about which will soon be published, I'd like to tell you about how our checks influence the analyzer itself and about the work we have done.

About the analyzer

PVS-Studio is a static analyzer detecting errors in the source code of programs in C/C++. Its usage and integration capabilities are constantly evolving, so, besides the demonstration purposes, open-source projects serve as impartial testers for our analyzer.

The LibreOffice project turned out to be a good test for the analyzer and made everyone in the PVS-Studio team spend some effort to resolve the problems revealed by the analysis.

Now I'll tell you about the problems we were faced by when running that check.

Memory leak

LibreOffice is built with MS Visual C++ 2013 in Cygwin. Not so long ago, the PVS-Studio Standalone utility acquired the ability to check any projects. Regardless of the specifics of the present build system, you can now simply enable the "Compiler Monitoring" option and start the project build. To learn more about this feature, see the article PVS-Studio Now Supports Any Build System under Windows and Any Compiler. Easy and Right Out of the Box. To put it short, the utility can extract from the processes running under Windows all the information necessary for starting the analysis process in the same environment. So, when running a project build, a few hundreds of Kbytes of unmanaged memory are allocated for storing the launch command line, current folder, environment variables and so on. For processes supported by the compiler, the information would be copied into managed memory while unmanaged memory was freed in any case. But, as we have discovered, it did not work for the environment variables. For each process, about 500 Kbytes on average failed to be freed. It didn't cause any serious troubles with previous projects (at least we didn't notice anything and users didn't complain either). But when building LibreOffice through Make, a huge number of processes are run which do not refer to the compiler. During the several hours of the build process, more than one hundred thousand processes were launched, which resulted in "piling up" of total 25 Gbytes. After fixing the issue, the size of the memory used by the monitoring system dropped to 1,8 Gbytes.

Long analysis

The whole build process, including library compilation, contained 12245 source files. Unfortunately, the analysis process for such a huge number of files took about 15 hours, so we made some optimizations in the analyzer kernel that allowed us to re-analyze the project in as few as 9 hours. It is twice the project build time but this speed is still quite adequate and satisfying.

Analysis complications

If the analyzer can't figure out some constructs in the source code, it generates the V001 message for that file. It skips this fragment, which very rarely affects the analysis results. However, we studied and fixed all the V001 messages for this project.

Old path format

When checking the project, we discovered that the system paths had been defined in the old format, for example "C:/PROGRA~2/MICROS~4.0/VC/include". This format is fully supported by the analyzer kernel and plugin but the message filtering mechanism failed for the system files, so we had to make some fixes.

Unlucky serialization

This issue doesn't quite refer to the PVS-Studio products. The PVS-Studio Standalone utility where LibreOffice was checked has recently got a better file navigation mechanism which now allows navigation by included headers and search for types and variables in dependent files. All the dependencies are collected during the check and saved in the same folder with the *.plog file. Unfortunately, the standard class System.Runtime.Serialization.Formatters.Binary.BinaryFormatter cannot serialize structures of a large size - an internal exception is thrown, so now we use the Protocol Buffers library which is very good at this task.

Conclusion

The check of the LibreOffice project resulted in an article aiming at improving one more open-source project, as well as useful fixes made in the PVS-Studio products. The article about the bugs found in LibreOffice will be published soon. And we want to say thank you to the LibreOffice project that has helped us make our analyzer better!

References

Popular related articles
Appreciate Static Code Analysis!

Date: Oct 16 2017

Author: Andrey Karpov

I am really astonished by the capabilities of static code analysis even though I am one of the developers of PVS-Studio analyzer myself. The tool surprised me the other day as it turned out to be sma…
Free PVS-Studio for those who develops open source projects

Date: Dec 22 2018

Author: Andrey Karpov

On the New 2019 year's eve, a PVS-Studio team decided to make a nice gift for all contributors of open-source projects hosted on GitHub, GitLab or Bitbucket. They are given free usage of PVS-Studio s…
How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers

Date: Oct 22 2018

Author: Andrey Karpov

Just like other static analyzers, PVS-Studio often produces false positives. What you are about to read is a short story where I'll tell you how PVS-Studio proved, just one more time, to be more atte…
PVS-Studio for Java

Date: Jan 17 2019

Author: Andrey Karpov

In the seventh version of the PVS-Studio static analyzer, we added support of the Java language. It's time for a brief story of how we've started making support of the Java language, how far we've co…
The way static analyzers fight against false positives, and why they do it

Date: Mar 20 2017

Author: Andrey Karpov

In my previous article I wrote that I don't like the approach of evaluating the efficiency of static analyzers with the help of synthetic tests. In that article, I give the example of a code fragment…
Static analysis as part of the development process in Unreal Engine

Date: Jun 27 2017

Author: Andrey Karpov

Unreal Engine continues to develop as new code is added and previously written code is changed. What is the inevitable consequence of ongoing development in a project? The emergence of new bugs in th…
Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities

Date: Nov 21 2018

Author: Andrey Karpov

A brief description of technologies used in the PVS-Studio tool, which let us effectively detect a large number of error patterns and potential vulnerabilities. The article describes the implementati…
The Last Line Effect

Date: May 31 2014

Author: Andrey Karpov

I have studied many errors caused by the use of the Copy-Paste method, and can assure you that programmers most often tend to make mistakes in the last fragment of a homogeneous code block. I have ne…
Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives

Date: Jul 31 2017

Author: Andrey Karpov

After I wrote quite a big article about the analysis of the Tizen OS code, I received a large number of questions concerning the percentage of false positives and the density of errors (how many erro…
The Ultimate Question of Programming, Refactoring, and Everything

Date: Apr 14 2016

Author: Andrey Karpov

Yes, you've guessed correctly - the answer is "42". In this article you will find 42 recommendations about coding in C++ that can help a programmer avoid a lot of errors, save time and effort. The au…

Comments (0)

Next comments
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept